Worrying news today as the Financial Times reveals a new threat to anyone who works with sensitive information, including political candidates and campaigners.

The new FT investigation reveals that the Israeli tech company, NSO, has told its customers that it can secretly download all of a target person’s data from the servers of Apple, Google, Facebook, Amazon and Microsoft.

NSO’s main smartphone malware, Pegasus, has been used by spy agencies and governments for years to harvest data from smartphones.

I previously posted here on how to protect against NSO’s WhatsApp spyware, but the FT has now seen documents that show Pegasus has been updated so that it can harvest the much more sensitive personal information that is stored about us all in the cloud, such as our complete location history, plus years of archived documents, calendar appointments, photos, messages and emails.

This kind of information, if purchased and misused by malicious opponents, could prove fatal to the chances of an election candidate or a whole political party.

Apple admitted to the FT that “some expensive tools may exist to perform targeted attacks on a very small number of devices”. Apple went on to say “we do not believe these are useful for widespread attacks against consumers”. This offers little comfort to the relatively small number of people in political parties and campaigns who could easily be targets.

Microsoft urged users to “maintain a healthy device”.

One of NSO’s documents seen by the FT offered some advice of its own to thwart the kind of eavesdropping they are offering. It suggests changing an app’s password and revoking its login permission. That works, according to the document, until Pegasus is redeployed.

You can see the full article here: www.ft.com/content/95b91412-a946-11e9-b6ee-3cdf3174eb89